Abstract
We propose an Efficient moVing tArget DEfense (EVADE) that periodically changes a network topology to thwart potential attackers and protect a given network. To achieve autonomous network topology adaptations under high dynamics, we leverage deep reinforcement learning (DRL) in a moving target defense (MTD) strategy to defeat epidemic attacks. EVADE has two objectives: minimizing the security vulnerability caused by software monoculture and maximizing network connectivity for seamless communications. We design EVADE to autonomously shuffle a network topology by identifying a pair of network adaptation budgets for adding and removing edges, so as to generate a robust and connected network topology. To improve the learning convergence speed: 1) we propose a vulnerability ranking algorithm of edges and nodes (VREN) to effectively direct the DRL agent to select adaptations; 2) we develop a Fractal-based Solution Search (FSS) to build an efficient sampling environment in which the agent quickly converges to an optimal solution; and 3) we design density optimization (DO)-based greedy MTD to further refine the solution search space. This hybrid approach achieves faster training, which allows the DRL agent to run online. Through extensive experiments on both real and synthetic networks, we demonstrate that EVADE outperforms its counterparts.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Zhang, Q., Cho, JH., Moore, T.J., Kim, D.D., Lim, H., Nelson, F. (2023). EVADE: Efficient Moving Target Defense for Autonomous Network Topology Shuffling Using Deep Reinforcement Learning. In: Tibouchi, M., Wang, X. (eds) Applied Cryptography and Network Security. ACNS 2023. Lecture Notes in Computer Science, vol 13905. Springer, Cham. https://doi.org/10.1007/978-3-031-33488-7_21
DOI: https://doi.org/10.1007/978-3-031-33488-7_21
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-33487-0
Online ISBN: 978-3-031-33488-7
eBook Packages: Computer Science, Computer Science (R0)